On Tue, 19 Apr 2016, david wrote: > > > > At 09:09 AM 4/18/2016, you wrote: >> On Mon, 18 Apr 2016, david wrote: >> >> > FOLLOWUP & REPORT >> > >> > I had lots of suggestions, and the most persuasive was to try OpenVPN. I >> > already had a CA working, so issuing certificates was easy. The HOW-TO >> > guides were less helpful than I could hope, but comparing several of >> > them, applying common sense, and trying things out, I arrived at a >> > dead-end. Here's essentially what happened: >> > >> > - None of the HOW-TOs were very clear about the need to add some >> > attributes to a certificate, keyUsage and extendedKeyUsage. They had >> > different values for server and client. OpenSSL documentation was a big >> > vague on how to add them, but I think I did - the print out of the entity >> > certificates showed the values. The attempt to connect failed. The >> > client log is below. I think it's complaining that the CA certificate >> > doesn't have the ke Usage extension, which makes no sense to me. Such an >> > extension should be in the end-entity certificate, not the CA's, unless >> > I'm wrong. I checked the server and really think that the certificates >> > are in the right place. >> >> Here's how I managed that in my openssl.cnf file. Lots of bits ellided for >> clarity's sake: >> >> ### start ### >> [ ca ] >> default_ca = CA_default >> >> [ CA_default ] >> x509_extensions = server_cert >> >> [ server_cert ] >> basicConstraints=CA:FALSE >> keyUsage = nonRepudiation, dataEncipherment, digitalSignature, >> keyEncipherment >> extendedKeyUsage = serverAuth, clientAuth >> nsCertType = server, client >> ### end ### >> >> I think the nsCertType directive may be unnecessary these days, but I keep >> it around because it doesn't hurt anything. >> >> The important bit is the extendedKeyUsage line; I'm pretty sure that an >> OpenVPN server needs the serverAuth extension. For instance, here is the >> X509 extensions configuration for a server used by EasyRSA: >> >> basicConstraints = CA:FALSE >> subjectKeyIdentifier = hash >> authorityKeyIdentifier = keyid,issuer:always >> extendedKeyUsage = serverAuth,clientAuth >> keyUsage = digitalSignature,keyEncipherment >> >> You can ask openssl to tell you the purpose of a certificate: >> >> [bash]$ openssl x509 -noout -purpose -in cert.pem | grep SSL >> SSL client : Yes >> SSL client CA : No >> SSL server : Yes >> SSL server CA : No >> Netscape SSL server : Yes >> Netscape SSL server CA : No >> >> Anyway, those are the extensions that should do away with these errors: >> >> > Mon Apr 18 05:34:50 2016 VERIFY OK: depth=1, C=US, ST=California, L=San >> > Francisco, OU=Certificate Authority, O=XXXX, CN=X.X.X >> > Mon Apr 18 05:34:50 2016 Certificate does not have key usage extension >> >> -- >> Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/ > > > Paul > Two things... > > First, the diagnostic I got referenced the server's CA certificate. > And that confuses me. I'm not sure that's actually what the log is indicating. I think there's a mismatch between what extensions the server certificate says it can provide and what the client is expecting. Can you provide the SSL/TLS parts of your client configuration? In particular, I expect you'll have a "remote-cert-tls server" directive. I'd suggest commenting that out (or replacing it with "ns-cert-type server") and trying again. If that succeeds, you'll probably need to review your CA configuration. -- Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/